[Freeipa-users] Re: second ipa-server (non replica)

2019-12-18 Thread Alexander Bokovoy via FreeIPA-users
On Wed, 18 Dec 2019, Matthias Vis wrote: So, let's get straight: - you have IPA deployment with Kerberos realm FOO.BAR, where initial IPA master was installed on 'server 1' Correct - you enrolled 'server 5' to IPA deployment with Kerberos realm FOO.BAR Correct - now you want to create IPA

[Freeipa-users] Re: second ipa-server (non replica)

2019-12-18 Thread Matthias Vis via FreeIPA-users
So, let's get straight: - you have IPA deployment with Kerberos realm FOO.BAR, where initial IPA master was installed on 'server 1' Correct - you enrolled 'server 5' to IPA deployment with Kerberos realm FOO.BAR Correct - now you want to create IPA deployment with Kerberos realm BAR.ZED

[Freeipa-users] Re: second ipa-server (non replica)

2019-12-18 Thread Alexander Bokovoy via FreeIPA-users
On Wed, 18 Dec 2019, Matthias Vis via FreeIPA-users wrote: Hi, I have a question about installing an ipa server. First of all I have an ipa server installed on server 1 this one works correctly. I also installed a client on server 5 and from now on I can connect through this server via ssh and s

[Freeipa-users] second ipa-server (non replica)

2019-12-18 Thread Matthias Vis via FreeIPA-users
Hi, I have a question about installing an ipa server. First of all I have an ipa server installed on server 1 this one works correctly. I also installed a client on server 5 and from now on I can connect through this server via ssh and ssh-key provided in the ipa server. So everything is fine un

[Freeipa-users] Re: Setup AD Trust without DNS resolution from AD

2019-12-18 Thread Alexander Bokovoy via FreeIPA-users
On Wed, 18 Dec 2019, White, David via FreeIPA-users wrote: I am trying to spin up a new 2-node cluster in my lab environment. I have FreeIPA installed, and can log in to the web UI. At this point, I’m trying to establish a trust with AD: ipa trust-add --type=ad example.net --admin administrator

[Freeipa-users] Make a CRL + OCSP stapling check

2019-12-18 Thread iam pollux via FreeIPA-users
Hello, We have a root CA and a subordinate CA with Freeipa. The root CA issues a certificate for the subordinate CA and the subordinate CA provides certificates to the client workstations. Since multi stapling is not available, is it possible to verify certificates with (simple) stapling with

[Freeipa-users] Setup AD Trust without DNS resolution from AD

2019-12-18 Thread White, David via FreeIPA-users
I am trying to spin up a new 2-node cluster in my lab environment. I have FreeIPA installed, and can log in to the web UI. At this point, I’m trying to establish a trust with AD: ipa trust-add --type=ad example.net --admin administrator Based on the errors I was getting with that command’s stdout

[Freeipa-users] Re: LDAP connections to Active Directory not secure

2019-12-18 Thread Alexander Bokovoy via FreeIPA-users
On Wed, 18 Dec 2019, Jones, Bob (rwj5d) via FreeIPA-users wrote: Let me attack this from a different direction. The reason we are looking at this is that in January of 2020, Microsoft plans to ship a security change that will impact the way that accounts perform LDAP binds and “talk” to Active

[Freeipa-users] Re: LDAP connections to Active Directory not secure

2019-12-18 Thread Jones, Bob (rwj5d) via FreeIPA-users
Let me attack this from a different direction. The reason we are looking at this is that in January of 2020, Microsoft plans to ship a security change that will impact the way that accounts perform LDAP binds and “talk” to Active Directory. The details of this change are outlined below: htt

[Freeipa-users] Re: Is there potential for split-brain with even number of FreeIPA nodes?

2019-12-18 Thread François Cami via FreeIPA-users
Hi, On Wed, Dec 18, 2019 at 1:47 PM White, David via FreeIPA-users wrote: > > Reviewing the FreeIPA documentation for deployment recommendations, I read: > > “generally, it is recommended to have at least 2-3 replicas in each > datacenter”. > > > > A couple of months ago, when we initially desig

[Freeipa-users] Is there potential for split-brain with even number of FreeIPA nodes?

2019-12-18 Thread White, David via FreeIPA-users
Reviewing the FreeIPA documentation for deployment recommendations, I read: “generally, it is recommended to have at least 2-3 replicas in each datacenter”. A couple of months ago, when we initially designed and deployed FreeIPA / IdM, we decided to deploy 3 nodes into each of our two datacenters

[Freeipa-users] Poor Samba performance after upgrade to IPA 4.6.5/Samba 4.9.1

2019-12-18 Thread dbischof--- via FreeIPA-users
Hi, this may be something obvious, but I need a hint in the right direction: I recently upgraded to IPA 4.6.5/Samba 4.9.1 via regular CentOS update. Samba runs on the IPA server. Samba shares are still working, but there is a performance decrease of about an order of magnitude (~4-5 MB/s vs. 40-50

[Freeipa-users] Sequence rollover

2019-12-18 Thread Sarah PETER via FreeIPA-users
Dear all, since a few days we get the following message about 1-2 times a day in the error logs of several of our replicas: INFO - csngen_new_csn - Sequence rollover; local offset updated. Is this something we should be worried about? We ran the readNsState.py script from https://directory.fe

[Freeipa-users] Re: LDAP connections to Active Directory not secure

2019-12-18 Thread Sumit Bose via FreeIPA-users
On Tue, Dec 17, 2019 at 05:01:01PM -0500, Simo Sorce via FreeIPA-users wrote: > The port alone won't tell you anything, in AD communication happens on > port 389, but is then upgraded via SASL/GSSAPI to use a secure channel > (pretty much like you do with STARTTLS). > > On Tue, 2019-12-17 at 21:56